Essentially, Microsoft delivered the patch for this vulnerability during the last round of Patch Tuesday updates the second week of October 2017, but waited until today to publicly announce it so the rest of the industry had time to catch up.

Incidentally, the updates available for Windows 7 and Windows Server 2008 for this particular security issue have been reported to introduce other issues. However, this security vulnerability is pretty serious and you might consider rolling out the update anyway and suffering through until Microsoft can supply fixes for fixes.

Microsoft has definitely created another Catch-22 scenario for some customers.